Cyber-espionage attempts on US businesses are on rise

It's not just the Chinese that are stealing businesses' secrets. The Russians …

The Office of the National Counterintelligence Executive has just published a report to Congress that presents a frightening picture of the degree to which other countries use cyber espionage to attempt to gain business and industrial secrets from US companies. And while the biggest perpetrators of cyber-espionage against American business are no surprise—China and Russia—some US allies have engaged in efforts to obtain sensitive business and technology information as well. The report projects that China and Russia will “remain aggressive and capable collectors of sensitive US economic information and technologies, particularly in cyberspace.”

The same technological advances that many companies see as increasing productivity and reducing cost of operations are creating a huge risk of additional cyber-espionage by the ONCE’s assessment. The persistence of Internet-connected devices such as smartphones, the use of cloud computing and the rise of telework all elevate the risk of data theft, the report suggests. And the globalization of business through IT lowers the threshold further. “National boundaries will deter economic espionage less than ever as more business is conducted from wherever workers can access the Internet,” the report states. “The globalization of the supply chain for new—and increasingly interconnected—IT products will offer more opportunities for malicious actors to compromise the integrity and security of these devices.”

The biannual report is mandated by a provision of the 1995 law funding US intelligence organizations. But this edition is the first to focus heavily on cyber-espionage, reflecting how most critical data now passes over networks. The research behind the report also draws heavily from Defense Department intelligence resources as well as those of other US government agencies and the private sector.

The report pointed out that attribution of cyber-espionage efforts is difficult at best, and that while “Chinese actors are the world’s most active and persistent perpetrators of economic espionage” and the vast majority of attacks on US businesses have come from within China, the intelligence community cannot confirm who was responsible for them, let alone whether they were state sanctioned and funded.

However, the report classified the Chinese government as a “peristent collector,” and said that the Chinese frequently tried to exploit Chinese citizens or people with family or other connections to China working within US companies to steal electronic data from their employers. The the report also singled out Russia’s intelligence services as “conducting a range of activities to collect economic information and technology from US targets.”

24 Reader Comments

I'd be interested to know how many US companies do this as well, but I wouldn't have expected that to make it in the report. I hope this problem drives a larger push towards securing these remote work environments and doesn't just make companies decide to set us all back 10 years.

The Office of the National Counterintelligence Executive has just published a report to Congress that presents a frightening picture of the degree to which other countries use cyber espionage to attempt to gain business and industrial secrets from US companies. And while the biggest perpetrators of cyber-espionage against American business are no surprise—China and Russia—some US allies have engaged in efforts to obtain sensitive business and technology information as well.

I'd be interested to know how many US companies do this as well, but I wouldn't have expected that to make it in the report. I hope this problem drives a larger push towards securing these remote work environments and doesn't just make companies decide to set us all back 10 years.

I'm pretty sure that the US government engages in similar actions to some extent. I am certainly positive that they used 09/11 policy changes at airports to lift sensitive information from laptop and other IT devices.

There are not really that many more of them happening. its just that people are starting to notice them or reporting them out.

This ++

The most successful attack is one you never know about. As people are becoming more aware of the threats posed by keeping any type of information accessible on a WAN, they are monitoring stuff more and as a result reporting it more.

Sean Gallagher / Sean is Ars Technica's IT Editor. A former Navy officer, systems administrator, and network systems integrator with 20 years of IT journalism experience, he lives and works in Baltimore, Maryland.